IT GRC Analyst

The Role:

A leading financial services organisation based in the heart of the City of London is seeking an IT GRC Analyst to join its growing team. This is an excellent opportunity for a professional with at least 3 years of experience in IT Governance, Risk, and Compliance (GRC) to take the next step in their career, contributing to the ongoing development and improvement of IT risk and control frameworks within a highly regulated, technology-driven environment.

Working alongside experienced GRC specialists, IT teams, and business stakeholders, you’ll play a key role in maintaining robust IT governance, managing operational and technical risks, and ensuring compliance with internal and external requirements.

Key Responsibilities

Governance

• Contribute to the development, implementation and enhancement of IT GRC frameworks and processes.
• Maintain IT governance documentation, ensuring accuracy and alignment with policy requirements.
• Support governance reviews and assist in the preparation of IT GRC reporting for management and stakeholders.
• Help communicate IT risk and control frameworks across the organisation.

Risk

• Identify, assess, and document IT risks across systems and services.
• Support IT risk management activities, including technical risk assessments and remediation tracking.
• Work with risk owners to develop, monitor and report on mitigation plans.
• Contribute to periodic operational risk assessments and formal risk reporting processes.

Compliance

• Support IT control compliance reviews and assessments against internal standards and frameworks (e.g., ISO 27001, NIST).
• Assist control owners in performing control self-assessments and audit readiness activities.
• Help coordinate compliance attestations across internal teams and third-party providers.
• Participate in periodic maturity assessments and improvement initiatives for IT controls.

Key Skills and Experience

• Minimum of 3 years’ experience in IT Governance, Risk, and Compliance.
• Solid understanding of IT risk management principles, control frameworks and compliance processes.
• Experience conducting IT risk assessments, control testing and evidence gathering for audits.
• Knowledge of frameworks such as ISO 27001, NIST or COBIT.
• Strong analytical skills and attention to detail with excellent documentation and reporting abilities.
• Confident communicator, able to engage effectively with technical and non-technical stakeholders.
• Exposure to financial services or other regulated industries is advantageous.
• Relevant certifications such as ITIL, CompTIA Security+, CRISC, or CISSP (Associate) are desirable.

Why Join?

• Join a respected financial institution committed to developing its people and promoting from within.
• Work on a variety of IT risk and compliance initiatives gaining exposure to enterprise-level systems and governance.
• Collaborative, inclusive and learning-focused culture with opportunities for professional growth.
• Flexible hybrid working model with modern City offices.

For a full consultation, send your CV to ARC IT Recruitment.